app-containers/podman: add 4.5.0-r1

few improvements to ebuild.
1) use shell-completion.eclass replacing bash-completino-r1
2) add app-containers/containers-common as dep & adjust other deps
3) dont install seccomp.json,policy.json,registries.conf as it is
installed by containers-common
4) removed non-amd64 keywords as containers-common is only available on
amd64 for now

I'll soon be working on podman version bump with  live version too.

Closes: https://github.com/gentoo/gentoo/pull/33030
Closes: https://bugs.gentoo.org/902569
Closes: https://bugs.gentoo.org/849863
Closes: https://bugs.gentoo.org/914597

Signed-off-by: Rahil Bhimjiani <rahil3108@gmail.com>
Signed-off-by: Zac Medico <zmedico@gentoo.org>

2 files changed, 217 insertions, 0 deletions

diff --git a/app-containers/containers-common/containers-common-0.56.0-r1.ebuild b/app-containers/containers-common/containers-common-0.56.0-r1.ebuild
new file mode 100644
index 000000000000..73407d6e4994
--- /dev/null
+++ b/app-containers/containers-common/containers-common-0.56.0-r1.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="Common config files and docs for Containers eco-system"
+HOMEPAGE="https://github.com/containers/common"
+
+if [[ ${PV} == *9999* ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="https://github.com/containers/common.git"
+else
+	SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+	S="${WORKDIR}/${P#containers-}"
+	KEYWORDS="~amd64"
+fi
+
+LICENSE="Apache-2.0"
+SLOT="0"
+RESTRICT="test"
+RDEPEND="
+	app-containers/containers-image
+	app-containers/containers-storage
+	app-containers/containers-shortnames
+	!<app-containers/podman-4.5.0-r1
+	net-firewall/nftables
+	net-firewall/iptables[nftables]
+	|| ( app-containers/crun app-containers/runc )
+	|| (
+		( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 )
+		>=app-containers/cni-plugins-0.9.1
+	)
+"
+
+BDEPEND="
+	>=dev-go/go-md2man-2.0.2
+"
+
+src_prepare() {
+	default
+
+	[[ -f docs/Makefile ]] || die
+	sed -i -e 's|/usr/local|/usr|g;' docs/Makefile || die
+
+	eapply "${FILESDIR}/fix-warnings.patch"
+	eapply "${FILESDIR}/examplify-mounts-conf.patch"
+}
+
+src_compile() {
+	emake docs
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	insinto /etc/containers
+	# https://github.com/containers/skopeo/raw/main/default-policy.json
+	doins pkg/config/containers.conf "${FILESDIR}/policy.json"
+
+	insinto /etc/containers/registries.d
+	# https://github.com/containers/skopeo/raw/main/default.yaml
+	doins "${FILESDIR}/default.yaml"
+
+	insinto /usr/share/containers
+	doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf
+
+	keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore
+}
diff --git a/app-containers/podman/podman-4.5.0-r1.ebuild b/app-containers/podman/podman-4.5.0-r1.ebuild
new file mode 100644
index 000000000000..8d2ad1f49bc1
--- /dev/null
+++ b/app-containers/podman/podman-4.5.0-r1.ebuild
@@ -0,0 +1,149 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+EGIT_COMMIT="75e3c12579d391b81d871fd1cded6cf0d043550a"
+
+inherit shell-completion flag-o-matic go-module tmpfiles
+
+DESCRIPTION="Library and podman tool for running OCI-based containers in Pods"
+HOMEPAGE="https://github.com/containers/podman/ https://podman.io/"
+MY_PN=podman
+MY_P=${MY_PN}-${PV}
+SRC_URI="https://github.com/containers/podman/archive/v${PV}.tar.gz -> ${MY_P}.tar.gz"
+LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
+SLOT="0"
+
+KEYWORDS="~amd64"
+IUSE="apparmor btrfs cgroup-hybrid +fuse +init +rootless selinux"
+RESTRICT="test"
+
+COMMON_DEPEND="
+	app-crypt/gpgme:=
+	>=app-containers/containers-common-0.56.0
+	>=app-containers/conmon-2.0.0
+	cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6  )
+	!cgroup-hybrid? ( app-containers/crun )
+	dev-libs/libassuan:=
+	dev-libs/libgpg-error:=
+	sys-apps/shadow:=
+	sys-fs/lvm2
+	sys-libs/libseccomp:=
+
+	apparmor? ( sys-libs/libapparmor )
+	btrfs? ( sys-fs/btrfs-progs )
+	init? ( app-containers/catatonit )
+	rootless? ( app-containers/slirp4netns )
+	selinux? ( sys-libs/libselinux:= )
+"
+DEPEND="
+	${COMMON_DEPEND}
+	dev-go/go-md2man"
+RDEPEND="${COMMON_DEPEND}
+	fuse? ( sys-fs/fuse-overlayfs )
+	selinux? ( sec-policy/selinux-podman )"
+
+S=${WORKDIR}/${MY_P}
+
+src_prepare() {
+	default
+
+	# Disable installation of python modules here, since those are
+	# installed by separate ebuilds.
+	local makefile_sed_args=(
+		-e '/^GIT_.*/d'
+		-e 's/$(GO) build/$(GO) build -v -work -x/'
+		-e 's/^\(install:.*\) install\.python$/\1/'
+		-e 's|^pkg/varlink/iopodman.go: .gopathok pkg/varlink/io.podman.varlink$|pkg/varlink/iopodman.go: pkg/varlink/io.podman.varlink|'
+	)
+
+	has_version -b '>=dev-lang/go-1.13.9' || makefile_sed_args+=(-e 's:GO111MODULE=off:GO111MODULE=on:')
+
+	sed "${makefile_sed_args[@]}" -i Makefile || die
+}
+
+src_compile() {
+	local git_commit=${EGIT_COMMIT}
+
+	# Filter unsupported linker flags
+	filter-flags '-Wl,*'
+
+	[[ -f hack/apparmor_tag.sh ]] || die
+	if use apparmor; then
+		echo -e "#!/bin/sh\necho apparmor" > hack/apparmor_tag.sh || die
+	else
+		echo -e "#!/bin/sh\ntrue" > hack/apparmor_tag.sh || die
+	fi
+
+	[[ -f hack/btrfs_installed_tag.sh ]] || die
+	if use btrfs; then
+		echo -e "#!/bin/sh\ntrue" > hack/btrfs_installed_tag.sh || die
+	else
+		echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \
+			hack/btrfs_installed_tag.sh || die
+	fi
+
+	[[ -f hack/selinux_tag.sh ]] || die
+	if use selinux; then
+		echo -e "#!/bin/sh\necho selinux" > hack/selinux_tag.sh || die
+	else
+		echo -e "#!/bin/sh\ntrue" > hack/selinux_tag.sh || die
+	fi
+
+	# Avoid this error when generating pkg/varlink/iopodman.go:
+	# cannot find package "github.com/varlink/go/varlink/idl"
+	mkdir -p _output || die
+	ln -snf ../vendor _output/src || die
+	GO111MODULE=off GOPATH=${PWD}/_output go generate ./pkg/varlink/... || die
+	rm _output/src || die
+
+	export -n GOCACHE GOPATH XDG_CACHE_HOME
+	GOBIN="${S}/bin" \
+		emake all \
+			PREFIX="${EPREFIX}/usr" \
+			GIT_BRANCH=master \
+			GIT_BRANCH_CLEAN=master \
+			COMMIT_NO="${git_commit}" \
+			GIT_COMMIT="${git_commit}"
+}
+
+src_install() {
+	emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" install
+
+	insinto /etc/cni/net.d
+	doins cni/87-podman-bridge.conflist
+
+	newconfd "${FILESDIR}"/podman.confd podman
+	newinitd "${FILESDIR}"/podman.initd podman
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/podman.logrotated" podman
+
+	dobashcomp completions/bash/*
+	dozshcomp completions/zsh/*
+	dofishcomp completions/fish/*
+
+	keepdir /var/lib/containers
+}
+
+pkg_preinst() {
+	PODMAN_ROOTLESS_UPGRADE=false
+	if use rootless; then
+		has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true
+	fi
+}
+
+pkg_postinst() {
+	tmpfiles_process podman.conf
+
+	local want_newline=false
+	if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then
+		${want_newline} && elog ""
+		elog "For rootless operation, you need to configure subuid/subgid"
+		elog "for user running podman. In case subuid/subgid has only been"
+		elog "configured for root, run:"
+		elog "usermod --add-subuids 1065536-1131071 <user>"
+		elog "usermod --add-subgids 1065536-1131071 <user>"
+		want_newline=true
+	fi
+}